authorkris <kris@FreeBSD.org>2000-01-16 21:19:04 +0000
committerkris <kris@FreeBSD.org>2000-01-16 21:19:04 +0000
commite94cce66b367a45cbc8a85015a2378da71fb051e (patch)
tree712c8354f29d0dcce2c9b6012ad64c2fe70a0982 /usr.sbin/kgzip/kgzip.c
parent5ed22b480c62a4898af8da3230eb02b33b2fdb42 (diff)
Fix insecure tempfile handling.
Reviewed by: audit@freebsd.org
Diffstat (limited to 'usr.sbin/kgzip/kgzip.c')
-rw-r--r--usr.sbin/kgzip/kgzip.c15
1 files changed, 10 insertions, 5 deletions
diff --git a/usr.sbin/kgzip/kgzip.c b/usr.sbin/kgzip/kgzip.c
index 3af89e5..d65476a8 100644
--- a/usr.sbin/kgzip/kgzip.c
+++ b/usr.sbin/kgzip/kgzip.c
@@ -47,11 +47,9 @@ static const char rcsid[] =
#define SFX_KGZ ".kgz" /* Filename suffix: executable */
#define SFX_MAX 5 /* Size of larger filename suffix */
-#define TMP_PREFIX "kgz" /* Temporary file prefix */
-
const char *loader = "/usr/lib/kgzldr.o"; /* Default loader */
-static const char *tname; /* Name of temporary file */
+char *tname; /* Name of temporary file */
static void cleanup(void);
static void mk_fn(int, const char *, const char *, char *[]);
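Review bot: Dropping `static` from `tname` gives the pointer external linkage, which nothing visible in this file requires; `static char *tname; /* Name of temporary file */` keeps it file-local while still letting mkstemp() rewrite the template in place. If another translation unit is meant to reference it, that is not visible here, and it would then need an `extern` declaration in the shared header.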
@@ -68,6 +66,12 @@ main(int argc, char *argv[])
const char *output;
int cflag, vflag, c;
+ if (getenv("TMPDIR") == NULL)
+ tname = strdup("/tmp/kgzXXXXXXXXXX");
+ else
+ if (asprintf(&tname, "%s/kgzXXXXXXXXXX", getenv("TMPDIR")) == -1)
+ errx(1, "Out of memory");
+
output = NULL;
cflag = vflag = 0;
while ((c = getopt(argc, argv, "cvl:o:")) != -1)
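Review bot: The `strdup()` result in the default branch is never checked, unlike the `asprintf()` branch, so an allocation failure leaves `tname` NULL and it is later passed to mkstemp(); write `if ((tname = strdup("/tmp/kgzXXXXXXXXXX")) == NULL) errx(1, "Out of memory");`. TMPDIR is also used as given: an empty value produces a template directly under `/`, and the temporary file is only as safe as the directory the environment names, so rejecting an empty value and falling back to `/tmp` would be a reasonable guard. The template is built before option parsing, so it is allocated even on the `-c` path, where the last hunk creates no temporary file. main() continues outside the hunk.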
@@ -122,7 +126,7 @@ mk_fn(int cflag, const char *f1, const char *f2, char *fn[])
{
const char *p, *s;
size_t n;
- int i;
+ int i, fd;
i = 0;
s = strrchr(f1, 0);
@@ -133,8 +137,9 @@ mk_fn(int cflag, const char *f1, const char *f2, char *fn[])
}
fn[i++] = (char *)f1;
if (i == FN_OBJ && !cflag) {
- if (!(tname = tempnam(NULL, TMP_PREFIX)))
+ if ((fd = mkstemp(tname)) == -1)
err(1, NULL);
+ close(fd);
fn[i++] = (char *)tname;
}
if (!(fn[i] = (char *)f2)) {
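Review bot: `close(fd)` immediately after `mkstemp(tname)` throws away the only handle guaranteed to refer to the file that was just created; from here on the file is reached by name through `fn[]`, so the fix holds only while no other user can replace that path (a sticky-bit /tmp or a private TMPDIR). Either keep the descriptor and hand it to the consumer, or document the assumption here with a comment such as `/* created 0600 by mkstemp; later opens go by name and rely on the directory being sticky or private */`. Because `tname` is now non-NULL from the start of main(), `cleanup()` (body not visible here) presumably needs a "created" flag so that it unlinks the path only after mkstemp() has succeeded, not the unexpanded template. mk_fn starts and ends outside the hunk.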